Out of Bounds Write Vulnerability in MediaTek KeyInstall Component
CVE-2023-20783
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 7 August 2023
What is CVE-2023-20783?
The KeyInstall component in MediaTek products contains a vulnerability that allows for an out of bounds write due to insufficient bounds checking. This flaw could potentially enable local privilege escalation, allowing an attacker to execute actions with system-level permissions. Crucially, this vulnerability does not require user interaction for exploitation, increasing its risk profile. Affected systems should be updated promptly with the latest patches to mitigate this security risk.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797 Android 11.0, 12.0, 13.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved